Automatic Fixing of a Compromised Site???

Started by Uneek, March 13, 2002, 03:27:42 PM

Previous topic - Next topic
Yup... new software claims to do it all for ya... I don't know about you guys... but knowing what I know, I don't think I'll trust a canned app to do this for me. Opinions from the forum?

http://www.lockstep.com/
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101

I took a security / security policy class about 9 months ago. The first thing the instructor (former Dept. of Defense Security Admin) said was "If they claim it protects you...they're lying". I believe him. If they're isn't somebody there, it isn't secure. And even then, it's still not 100%...

Wilnix
alt email address: wilnix@hackphreak.org

haha
no program will fix a compromization. Period. EOF.
Besides, who's to say it'll be updated after *every* exploit. Erm, don't know about
you but uh... it could make it seem like it's fixed and then they could still get 0wned.
What about backdoors, passwords that are successfully brute forced ?
Bull shit program. What a load of crap. Like it can fix idiot users and backdoors too.
hahaha
*rofl*
"My Terminal is my Soul"

That's a pretty basic application. If done right it could be a very usefull app. It would also minimize down time for larger corperations that depend on there site being up 24/7.

Yould could just have this running as a background service, checking at random periods for changes to the WWW files. And if there is an unauthorized update to the files, then the app auto backs up. To be honest i see that as being very usefull if done right.

You wouldnt use a tool like this to protect yourself, just to get yourself back online, notify you when changes have been made, and keep a log for your own records and investigations. If you ask me this is a application that will sell pretty damn well.

I am not suffering with insanity... I am loving every minute of it.

I'm sure it will sell VERY well because there are a lot of idiots out there who don't know any better... but like, I doubt it will be an all-fix for a compromised box. I would think that would be impossible! Get rid of root kits and installed back-doors, etc... I see what you're saying Cobby, but wouldn't a good backup be just as useful as an app which you are describing?
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101

No Uneek, You see what your missing is.. Not every website is monitored 24/7 .. and alot of these e-commerce companies DEMAND! that their site be up 24/7 if not they loose customers and business. So this program gets them back online quickly.. And does a temporary patch up job untill the administator of the server gets to do a solid backup.

Now you see what i am getting at? Not every company around the world has 24/7 admins.. So in order to guarantee that the companies site is up 24/7 they can use this lill app that does the job that someone can not do all the time.
I am not suffering with insanity... I am loving every minute of it.

Maybe it's just my opinion... but if a site has e-commerce on it where sensitive information like credit card information may be stored, I think who ever is in charge of the site/domain NEEDS to be available 24/7... at least on call, and there SHOULD be someone monitoring for such activity. Don't rely on a canned application to do the job of an admin I say... just my $0.025...
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101

You have to remember that not all new E-Commerce companies can afford to have an admin on call 24/7.

They are relying on this site to make there bread and butter. So this app would serv them well
I am not suffering with insanity... I am loving every minute of it.

First off: As far as running an E-Commerce site goes, if you are taking credit card info, you should do your best to go without storing that data for any amount of time beyond what is needed. That just adds to the risk, and smaller businesses who can't afford 24/7 monitoring shouldn't have the need. Not to mention, there are things like pay pal, etc. to help assist in transactions like this. I had more to add to this topic, but I just lost my train of thought...so screw it.

Wilnix
alt email address: wilnix@hackphreak.org

I agree with Neek and Will:

1 - they should not have it stored for long. It should be on a PRIVATE lan that is
blocked at the gateway. Period. No exceptions.

Did you know that there is one credit card database that all it takes to get the numbers
from the website is a simple search engine criteria ? Syxx showed me this. Scary

Also, I guarantee that those many times that thousands of credit card numbers were
published to the ENTIRE world (afterall, it was on a web site :) was after a compromise.
And after that compromise, the database entries were on the server UNENCRYPTED for the script
kiddy/thief to get their hands on.

You can't rely on a program. Writing many programs in the past,
I can tell you that you can not think of everything, never ever. It will take forever.
As soon as you think of it, a new thing comes up. After that, a new thing. And if
it's a security program it needs to be updated regularly. Sorry, isn't gonna happen.
Think about SATAN. When was the last time it was updated ? What about COPS ?

Also, Neek brought up a point I had already mentioned... backdoors, rootkits, etc.
Is it gonna get rid of those or idiot users ? Doubtful. Besides, new exploits, etc.
heh.... the best solution is to get rid of idiots and kill script kiddies for compromizing
the servers.

"My Terminal is my Soul"

Or just trash talk microsoft some more...It's always fun when your in a bad mood.

;)

Wilnix
alt email address: wilnix@hackphreak.org

Trashing MS is overdone and getting played out I think... maybe I'll start trashing Apple now... blah... who am I kidding... who can resist such an easy target??? ;D
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101

We could move on to Red Hat if you like...

Wilnix
alt email address: wilnix@hackphreak.org

yah !@

RH blows goats...
hehe
"My Terminal is my Soul"

uh...he he hee he he eh ehh .... FIRE! FIRE!

~Beaver & Buttplug
alt email address: wilnix@hackphreak.org

SMF spam blocked by CleanTalk